FOI/DPA Information Governance

Information Governance

1. Introduction
The UKFPO seeks to be an open and transparent organisation. We recognise the need for an appropriate balance between openness and the need to maintain the security and confidentiality of information which we hold in order to ensure compliance with the requirements of the Freedom of Information Act 2000 (FOIA).

2. Information Governance
To enable the UKFPO to achieve this balance, we have developed this information governance strategy, together with associated policies and procedures to ensure that we achieve the following aims in relation to information that is held:-

• Openness

• Confidentiality of personal information

• Information security

A list of these policies and procedures can be found at Appendix A.

The UKFPO also complies fully with:-

• the security standards and policies of its information technology service provider, Leicester Health Informatics Service, hosted by University Hospitals of Leicester NHS Trust

• the June 2008 Cabinet Office Report - Data Handling Procedures in Government

• other relevant standards as set by the four UK health departments and other government bodies.

2.1. Openness
The UKFPO will make as much information as possible proactively available through our publication scheme or upon request in compliance with the FOIA.

2.2. Confidentiality of Personal Information
The UKFPO will establish and maintain policies to ensure compliance with the Data Protection Act 1998, the Human Rights Act 1998 and other relevant legislation.

The UKFPO will promote effective confidentiality and security practices to its staff through policies, procedures and training.

2.3. Information Security
The UKFPO will establish and maintain policies for the effective and secure management of all the information it holds, from creation or collection through to disposal.

Appendix A – UKFPO Information Governance Policies
In addition to the policies and standards referred to in 2.3, Information Security (above), the UKFPO complies with the following “in-house” policies:-

• Records and Information Management Policy
• Policy for the Handling and Processing of Data Protection and Freedom of Information Requests
